What extra data is in MAC address field of an Event Log message?


#1

This screen shot shows three messages triggered by an outbound DENY firewall rule.

The MAC address field includes the MAC address of the device, but it also includes extra data. What is that extra data?

The MAC address of the device is in the middle of the MAC field. You can see the MAC of the device in the first two messages, where it was assigned an IP address.The router is a Surf SOHO running firmware 7.0.2.


#2

@Michael234

Let put a example for the log given :smile: :

MAC=00:1a:dd:f9:8a:a0:88:d7:f6:4d:8a:3a:08:00

Destination MAC: 00:1a:dd:f9:8a:a0 (MAC address for SOHO LAN)
Source MAC: 88:d7:f6:4d:8a:3a (MAC address for Client)
Protocol Type: 08:00 (Ethernet frame carried an IPv4 datagram)


#3

Thank you.